Posts by thread

lib/epochtalk_server/auth/guardian.ex

@@ -130,7 +130,7 @@ defmodule EpochtalkServer.Auth.Guardian do
   The subject should be a short identifier that can be used to identify
   the resource.
   """
-  def subject_for_token(%{user_id: user_id}, _claims) do
+  def subject_for_token(%{id: user_id}, _claims) do
     # You can use any value for the subject of your token but
     # it should be useful in retrieving the resource later, see
     # how it being used on `resource_from_claims/1` function.

lib/epochtalk_server/mailer.ex

@@ -47,10 +47,8 @@ defmodule EpochtalkServer.Mailer do
         email: email,
         id: last_post_id,
         position: last_post_position,
-        thread_author: _thread_author,
         thread_slug: thread_slug,
         title: thread_title,
-        user_id: _user_id,
         username: username
       }) do
     config = Application.get_env(:epochtalk_server, :frontend_config)
@@ -81,6 +79,45 @@ defmodule EpochtalkServer.Mailer do
     |> handle_delivered_email()
   end
 
+  @doc """
+  Sends mention notification email
+  """
+  @spec send_mention_notification(email_data :: map) :: {:ok, term} | {:error, term}
+  def send_mention_notification(%{
+        email: email,
+        post_id: post_id,
+        post_position: post_position,
+        post_author: post_author,
+        thread_slug: thread_slug,
+        thread_title: thread_title
+      }) do
+    config = Application.get_env(:epochtalk_server, :frontend_config)
+    frontend_url = config["frontend_url"]
+    website_title = config["website"]["title"]
+    from_address = config["emailer"]["options"]["from_address"]
+
+    thread_url = "#{frontend_url}/threads/#{thread_slug}?start=#{post_position}##{post_id}"
+
+    content =
+      generate_from_base_template(
+        """
+        <h3>#{post_author} mentioned you in the thread "#{thread_title}"</h3>
+        Please visit the link below to view the post you were mentioned in.<br /><br />
+        <a href="#{thread_url}">View Mention</a>
+        <small>Raw thread URL: #{thread_url}</small>
+        """,
+        config
+      )
+
+    new()
+    |> to(email)
+    |> from({website_title, from_address})
+    |> subject("[#{website_title}] New replies to thread #{thread_title}")
+    |> html_body(content)
+    |> deliver()
+    |> handle_delivered_email()
+  end
+
   defp handle_delivered_email(result) do
     case result do
       {:ok, email_metadata} ->

lib/epochtalk_server/models/auto_moderation.ex

@@ -3,10 +3,16 @@ defmodule EpochtalkServer.Models.AutoModeration do
   import Ecto.Changeset
   import Ecto.Query
   alias EpochtalkServer.Repo
+  alias EpochtalkServer.Session
   alias EpochtalkServer.Models.AutoModeration
+  alias EpochtalkServer.Models.Ban
+  alias EpochtalkServerWeb.CustomErrors.AutoModeratorReject
 
   @postgres_varchar255_max 255
   @postgres_varchar1000_max 1000
+  @hours_per_day 24
+  @minutes_per_hour 60
+  @seconds_per_minute 60
 
   @moduledoc """
   `AutoModeration` model, for performing actions relating to `User` `AutoModeration`
@@ -38,8 +44,8 @@ defmodule EpochtalkServer.Models.AutoModeration do
     field :name, :string
     field :description, :string
     field :message, :string
-    field :conditions, :map
-    field :actions, :map
+    field :conditions, {:array, :map}
+    field :actions, {:array, :string}
     field :options, :map
     field :created_at, :naive_datetime
     field :updated_at, :naive_datetime
@@ -149,4 +155,230 @@ defmodule EpochtalkServer.Models.AutoModeration do
     |> update_changeset(auto_moderation_attrs)
     |> Repo.update()
   end
+
+  ## === Public Helper Functions ===
+
+  @doc """
+  Executes `AutoModeration` rules
+
+  TODO(akinsey): Optimize and store rules in Redis so we dont have to query every request
+
+  ### Rule Anatomy
+  * Only works on posts
+  * = Name: Name for this rule (for admin readability)
+  * = Description: What this rule does (for admin readbility)
+  * = Message: Error reported back to the user on reject action
+  * = Conditions: condition regex will only work on
+  *   - body
+  *   - thread_id
+  *   - user_id
+  *   - title (although it's not much use)
+  *   == REGEX IS AN OBJECT with a pattern and flag property
+  *   Multiple conditions are allow but they all must pass to enable rule actions
+  * = Actions: reject, ban, edit, delete (filter not yet implemented)
+  * = Options:
+  *   - banInterval:
+  *      - Affects ban action.
+  *      - Leave blank for permanent
+  *      - Otherwise, JS date string
+  *   - edit:
+  *      - replace (replace chunks of text):
+  *        - regex: Regex used to match post body
+  *          - regex object has a pattern and flag property
+  *        - text: Text used to replace any matches
+  *      - template: String template used to add text above or below post body
+  """
+  @spec moderate(user :: map, post_attrs :: map) :: post_attrs :: map
+  def moderate(%{id: user_id} = _user, post_attrs) do
+    # query auto moderation rules from the db, check their validity then return them
+    rule_actions = get_rule_actions(post_attrs)
+
+    # append user_id to post attributes
+    post_attrs = post_attrs |> Map.put("user_id", user_id)
+
+    # execute rule actions if action set isn't empty, then return updated post_attributes
+    post_attrs =
+      if MapSet.size(rule_actions.action_set) > 0,
+        do: execute_rule_actions(post_attrs, rule_actions),
+        else: post_attrs
+
+    # return updated post attributes
+    post_attrs
+  end
+
+  ## === Private Helper Functions ===
+
+  defp get_rule_actions(post_attrs) do
+    acc_init = %{
+      action_set: MapSet.new(),
+      messages: [],
+      ban_interval: nil,
+      edits: []
+    }
+
+    rules = AutoModeration.all()
+
+    Enum.reduce(rules, acc_init, fn rule, acc ->
+      if rule_condition_is_valid?(post_attrs, rule.conditions) do
+        # Aggregate all actions, using MapSet ensures actions are unique
+        action_set = (MapSet.to_list(acc.action_set) ++ rule.actions) |> MapSet.new()
+
+        # Aggregate all reject messages if applicable
+        messages =
+          if Enum.member?(rule.actions, "reject") and is_binary(rule.message),
+            do: acc.messages ++ [rule.message],
+            else: acc.messages
+
+        # attempt to set default value for acc.ban_interval if nil
+        acc =
+          if is_nil(acc.ban_interval),
+            do: Map.put(acc, :ban_interval, rule.options["ban_interval"]),
+            else: acc
+
+        # Pick the latest ban interval, in the event multiple are provided
+        ban_interval =
+          if Enum.member?(rule.actions, "ban") and
+               Map.has_key?(rule.options, "ban_interval") and
+               acc.ban_interval < rule.options["ban_interval"],
+             do: rule.options["ban_interval"],
+             else: acc.ban_interval
+
+        # Aggregate all edit options
+        edits =
+          if Enum.member?(rule.actions, "edit"),
+            do: acc.edits ++ [rule.options["edit"]],
+            else: acc.edits
+
+        # return updated acc
+        %{
+          action_set: action_set,
+          messages: messages,
+          ban_interval: ban_interval,
+          edits: edits
+        }
+      else
+        acc
+      end
+    end)
+  end
+
+  defp execute_rule_actions(
+         post_attrs,
+         %{
+           action_set: action_set,
+           messages: messages,
+           ban_interval: ban_interval,
+           edits: edits
+         } = _rule_actions
+       ) do
+    # handle rule actions that edit the post body
+    post_attrs =
+      if MapSet.member?(action_set, "edit"),
+        do:
+          Enum.reduce(edits, post_attrs, fn edit, acc ->
+            post_body = acc["body"]
+
+            # handle actions that replace text in post body
+            acc =
+              if is_map(edit["replace"]) do
+                replacement_text = edit["replace"]["text"]
+                test_pattern = edit["replace"]["regex"]["pattern"]
+                test_flags = edit["replace"]["regex"]["flags"]
+
+                # compensate for elixir not supporting /g/ flag
+                replace_globally = String.contains?(test_flags, "g")
+
+                # remove g flag (doesnt work in elixir), compensate later using string replace
+                test_flags = Regex.replace(~r/g/, test_flags, "")
+                match_regex = Regex.compile!(test_pattern, test_flags)
+
+                # update body of post with replacement text
+                updated_post_body =
+                  String.replace(post_body, match_regex, replacement_text,
+                    global: replace_globally
+                  )
+
+                # return acc with updated post body
+                Map.put(acc, "body", updated_post_body)
+              else
+                acc
+              end
+
+            # handle actions that replace post body using a template
+            acc =
+              if is_binary(edit["template"]) do
+                # get new post body template
+                template = edit["template"]
+
+                # update post body using template
+                updated_post_body = String.replace(template, "{body}", post_body)
+
+                # return post_attrs with updated post body
+                Map.put(acc, "body", updated_post_body)
+              else
+                acc
+              end
+
+            # return updated acc
+            acc
+          end),
+        else: post_attrs
+
+    # handle rule actions that ban the user
+    if MapSet.member?(action_set, "ban") do
+      # ban period is utc now plus how ever many days ban_interval is
+      ban_period =
+        if ban_interval,
+          do:
+            DateTime.utc_now()
+            |> DateTime.add(
+              ban_interval * @hours_per_day * @minutes_per_hour * @seconds_per_minute,
+              :second
+            )
+            |> DateTime.to_naive()
+
+      # get user_id from post_attrs
+      user_id = post_attrs["user_id"]
+
+      # ban the user, ban_period is either a date or nil (permanent)
+      Ban.ban_by_user_id(user_id, ban_period)
+
+      # update user session after banning
+      Session.update(user_id)
+
+      # send websocket notification to reauthenticate user
+      EpochtalkServerWeb.Endpoint.broadcast("user:#{user_id}", "reauthenticate", %{})
+    end
+
+    # handle rule actions that shadow delete the post (auto lock/delete)
+    post_attrs =
+      if MapSet.member?(action_set, "delete"),
+        do: post_attrs |> Map.put("deleted", true) |> Map.put("locked", true),
+        else: post_attrs
+
+    # handle rule actions that reject the post entirely
+    if MapSet.member?(action_set, "reject"),
+      do:
+        raise(AutoModeratorReject,
+          message: "Post rejected by Auto Moderator: #{Enum.join(messages, ", ")}"
+        )
+
+    post_attrs
+  end
+
+  defp rule_condition_is_valid?(post_attrs, conditions) do
+    matches =
+      Enum.map(conditions, fn condition ->
+        test_param = post_attrs[condition["param"]]
+        test_pattern = condition["regex"]["pattern"]
+        test_flags = condition["regex"]["flags"]
+        # remove g flag, one match is good enough to determine if condition is valid
+        test_flags = Regex.replace(~r/g/, test_flags, "")
+        match_regex = Regex.compile!(test_pattern, test_flags)
+        Regex.match?(match_regex, test_param)
+      end)
+
+    # Only valid if every condition returns a valid regex match
+    !Enum.member?(matches, false)
+  end
 end

lib/epochtalk_server/models/board.ex

@@ -139,6 +139,25 @@ defmodule EpochtalkServer.Models.Board do
     end
   end
 
+  @doc """
+  Given an id and moderated property, returns boolean indicating if `Board` allows self moderation
+  """
+  @spec allows_self_moderation?(id :: non_neg_integer, moderated :: boolean) ::
+          allowed :: boolean
+  def allows_self_moderation?(id, true) do
+    query =
+      from b in Board,
+        where: b.id == ^id,
+        select: b.meta["disable_self_mod"]
+
+    query
+    |> Repo.one() || false
+  end
+
+  # pass through if model being created doesn't have "moderated" property set
+  def allows_self_moderation?(_id, false), do: true
+  def allows_self_moderation?(_id, nil), do: true
+
   @doc """
   Determines if the provided `user_priority` has write access to the board that contains the thread
   the specified `thread_id`